How to add many IPs to allow for SMTP Relay

Posted on 2011-05-09
Medium Priority
Last Modified: 2012-05-11
I have a list of IPs that I need to add to 4 separate Exchange 2003 SP2 servers that we have configured as the Internal Bridgehead servers.
These IPs need to be added to:Protocols-SMTP-Default SMTP Virtual Server-Default SMTP Virtual Server Properties-Access Tab-Relay

Does someone have a script?
Question by:Admin_Stooge
  • 2

Accepted Solution

GundogTrainer earned 2000 total points
ID: 35721680
If you download the IPSec.vbs utility from microsoft:

replacing DOM-DC-1 with one of your domain controllers and adding your exchange servers to the list and save as something like AddSMTP.bat

if you then wanted say to add to the SMTP ACL you would just  run


if you have a simple Excel sheet with all the allowed server names and IP addresses on them then you can write a simple formula to construct the command for you - and if you ever need to add another server\ rebuild one you can add the ACL easily by pasting into a command line window etc.

cscript Ipsec.vbs -d DOM-DC1 -o a -r connection -v %1 -m %2 -s Exch-srv01
cscript Ipsec.vbs -d DOM-DC1 -o a -r accept -v %1 -m %2 -s Exch-srv01
cscript Ipsec.vbs -d DOM-DC1 -o a -r relay -v %1 -m %2 -s Exch-srv01

cscript Ipsec.vbs -d DOM-DC1 -o a -r connection -v %1 -m %2 -s Exch-srv02
cscript Ipsec.vbs -d DOM-DC1 -o a -r accept -v %1 -m %2 -s Exch-srv02
cscript Ipsec.vbs -d DOM-DC1 -o a -r relay -v %1 -m %2 -s Exch-srv02

cscript Ipsec.vbs -d DOM-DC1 -o a -r connection -v %1 -m %2 -s Exch-srv03
cscript Ipsec.vbs -d DOM-DC1 -o a -r accept -v %1 -m %2 -s Exch-srv03
cscript Ipsec.vbs -d DOM-DC1 -o a -r relay -v %1 -m %2 -s Exch-srv03

Open in new window


Expert Comment

ID: 35721721
To remove an entry its just a case of copying the script and changing the operation from "-o a" (add) to "-o d" (delete).

cscript Ipsec.vbs -d DOM-DC1 -o d -r connection -v %1 -m %2 -s Exch-s

we have 6 relays with a internal dnsname and it makes keeping them all set the same quite easy.

Author Comment

ID: 35722775
I'm following the instructions from the link you provided.
I have a text file with the 50 IPs in this format:
cscript IPsec.vbs –s exchange server name –o a –r relay –d domain controller –v      IP

I open a cmd prompt and go to C:\ExIpSecurity
I then run
C:\ExIpSecurity>addiprelay01.bat > addiprelay01results.txt

But when checking the output file, I see this:
Quitting: Syntax incorrect. Type 'ipsec.vbs' for usage.

Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If something goes wrong with Exchange, your IT resources are in trouble.All Exchange server migration processes are not designed to be identical and though migrating email from on-premises Exchange mailbox to Cloud’s Office 365 is relatively simple…
Mailbox Corruption is a nightmare every Exchange DBA wishes he never has. Recovering from it can be super-hectic if not entirely futile. And though techniques like the New-MailboxRepairRequest cmdlet have been designed to help with fixing minor corr…
The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager
This video discusses moving either the default database or any database to a new volume.
Suggested Courses
Course of the Month15 days, 21 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question